Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

The issues with mobile security - Yubico comments

May 2021 by Nic Sarginson, Principal Solutions Engineer at Yubico

In case useful for any stories you might be writing about Boris Johnson’s mobile number risks, The comments from Nic Sarginson, Principal Solutions Engineer at Yubico, discussing the broader safety concerns relating to mobile security. Yubico helps companies like Google to secure 85,000+ of its employees against online fraud.

“As Prime Minister, Boris Johnson is a key target for bad actors wanting to gain insight into UK Government activities. His mobile number being so easy to find online has obvious security implications but even after he changes his phone number, he will still be at risk. Mobile devices are easy to hack. Authentication via SMS One Time Passwords (OTPs) can be easily intercepted and leave users vulnerable to SIM Swapping, where an adversary is able to gain access to all of the security codes (and other private details) in the users’ phone.

“This story has brought to light the vulnerability of our mobiles, especially as it relates to authentication. But the risk of a cyberattack is not limited to the Prime Minister. All who only use SMS authentication are at potential risk. But, there are things we can do to protect ourselves. The main step is to implement strong two-factor authentication (2FA), beyond basic methods such as SMS OTPs. Biometrics and hardware keys are the strongest methods. Google even uses security keys to protect over 85,000 of its employees, leading to zero confirmed account takeovers.”




See previous articles

    

See next articles